home

ads.installads.com

Temp Organization

Domain Information

The domain ads.installads.com registered by Temp Organization was initially registered in July of 2015 through NICS TELEKOMUNIKASYON TICARET LTD.STI.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Istanbul, Istanbul within Turkey which resides on the RIPE Network Coordination Centre network.
Registrar:
NICS TELEKOMUNIKASYON TICARET LTD.STI.

Server location:
Istanbul, Turkey (TR)

Create date:
Sunday, July 26, 2015

Expires date:
Tuesday, July 26, 2016

Updated date:
Sunday, July 26, 2015

ASN:
AS29262 IDEALHOSTING IDEALHOSTING SUNUCU INTERNET HIZ. TIC. LTD STI,TR

Root domain:
installads.com

Whois:
1 installads.com record

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MediaGet.Banner.Installer (M), PUP.MediaGet.Inbox.Installer (M)
100.00%

Bkav FE
W32.HfsAdware
20.00%

Malwarebytes
PUP.Optional.MediaGet
20.00%

ESET NOD32
Win32/MediaGet.AE potentially unwanted (variant)
20.00%

Kaspersky
not-a-virus:HEUR:Downloader.Win32.MediaGet
20.00%

Comodo Security
Application.Win32.MediaGet.G
20.00%

Dr.Web
Program.MediaGet.133
20.00%

Sophos
MediaGet (PUA)
20.00%

G Data
Win32.Adware.MediaGet
20.00%

IKARUS anti.virus
PUA.MediaGet
20.00%

AVG
Banne
20.00%

Baidu Antivirus
Adware.Win32.MediaGet
20.00%

Qihoo 360 Security
Win32/Virus.e7d
20.00%

The domain ads.installads.com has been seen to resolve to the following IP address.

185.87.123.164
mail168164.dergireklam.com
April 20, 2016

File downloads found at URLs served by ads.installads.com.

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=siberyazilimci&is=XmodGames Clash Of  (outlast-full-turkce-indir_id2959289ids2s.exe)

13 / 68    (PUP)
http://ads.installads.com/indir.php?&t1=1080p&is=Korku Kapan? 1  (mediaget_id2772891ids2s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=haber&is=M?s?r Tanr?lar? indir  (mediaget_id3638348ids2s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=720pindir&is=Her ?ocuk ?zeldir  (mediaget_id2529599ids2s.exe)

13 / 68    (PUP)
http://ads.installads.com/indir.php?&t1=siberyazilimci&is=Psiphon3 Bilgisayar Sürümü  (mediaget_id2772891ids2s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=1080p&is=Buz Devri 4:  (outlast-full-turkce-indir_id2959289ids2s.exe)

13 / 68    (PUP)
http://ads.installads.com/indir.php?&t1=siberyazilimci&is=Jumpstart ve Dumpper  (mediaget_id2772891ids2s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=720pindir&is=Cesaretin Var M  (mediaget_id3993269ids1s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=haber&is=Hesapla?ma indir Film  (mediaget_id3638348ids2s.exe)

1 / 68      (PUP)
http://ads.installads.com/indir.php?&t1=720pindir&is=Melekler ?ehri 720p  (mediaget_id3993269ids1s.exe)

13 / 68    (PUP)
http://ads.installads.com/indir.php?&t1=apkmobi2&is=Subway Surfers v  (mediaget_id2772891ids2s.exe)

The following 2 files have been seen to comunicate with ads.installads.com in live environments.

TCP » 185.87.123.164:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 185.87.123.164:80
rlvknlg.exe (Relevant-Knowledge by TMRG)

URL:
http://ads.installads.com/

Title:
“installads”

Web server:
Apache

downloadcfile.com

downloadturbolink.com

fullindirin.net

installadpro.com

installads.net

installads2.com

installadz.com

installadz1.com

installcdnfile.com

turbobitcdn1.com

turbobitcdn2.com

turbobitcdn4.com

turbobitcdn5.com

turbobitfreecdn.com

turbofileindir.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.